package com.zzp.zjs_bos.web.action;

import java.io.IOException;
import java.util.List;

import javax.servlet.Servlet;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.struts2.ServletActionContext;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;

import com.zzp.zjs_bos.domain.User;
import com.zzp.zjs_bos.utils.BOSContext;
import com.zzp.zjs_bos.utils.MD5Utils;
import com.zzp.zjs_bos.web.action.base.BaseAction;

@SuppressWarnings("all")
@Controller
@Scope("prototype")
public class UserAction extends BaseAction<User> {
	
	private String checkcode;	
	public void setCheckcode(String checkcode) {
		this.checkcode = checkcode;
	}

	/*public String login(){
		String validatecode = (String) ServletActionContext.getRequest().getSession().getAttribute("key");
		if(checkcode == null || !checkcode.equals(validatecode)){
			this.addActionError(this.getText("checkCodeError"));
			return "login";
		}else{
			User user = userService.login(model);
			if(user != null){
				ServletActionContext.getRequest().getSession().setAttribute("loginUser", user);
				return "home";
			}else{
				this.addActionError(this.getText("loginError"));
				return "login";
			}
		}
		
	}*/
	
	
	
	public String login(){
		String validatecode = (String) ServletActionContext.getRequest().getSession().getAttribute("key");
		if(checkcode == null || !checkcode.equals(validatecode)){
			this.addActionError(this.getText("checkCodeError"));
			
			return "login";
		}else{
			//使用shiro提供的方式进行认证
			//获得当前用户对象（当前的线程），现在状态为“未认证”
			Subject subject = SecurityUtils.getSubject();
			//将用户名和密码放到令牌中，作用就是给安全管理器去根据用户名查出的密码和输入密码做对比
			String username = model.getUsername();
			String password = MD5Utils.md5(model.getPassword());
			AuthenticationToken token = new UsernamePasswordToken(username,password);
			//调用安全管理器，管理器调用realm
			try {
				subject.login(token);
				User user = (User) subject.getPrincipal();
				//登录成功，将user放到session中，并跳转首页
				ServletActionContext.getRequest().getSession().setAttribute("loginUser",user);
				
			} catch (UnknownAccountException e) {
				e.printStackTrace();
				//用户名不存在，跳转登陆页面
				this.addActionError("妈的个巴子，用户名不存在");
				return "login";
			}catch (IncorrectCredentialsException e) {
				e.printStackTrace();
				//密码错误，跳转登陆页面
				this.addActionError("蠢货，密码错误");
				return "login";
			}
			
		}
		return "home";
		
	}
	
	
	
	
	
	public String logout(){
		ServletActionContext.getRequest().getSession().invalidate();
		return "login";
	}
	
	
	public void editPassword() throws IOException{
		String id = BOSContext.getUser().getId();
		String password = MD5Utils.md5(model.getPassword());
		String f = "1";
		try {
			userService.editPassword(id,password);
			ServletActionContext.getResponse().getWriter().write(f);
			
		} catch (Exception e) {
			f="0";	
			ServletActionContext.getResponse().getWriter().write(f);

		}
	}
	
	private String[] roleIds;
	public void setRoleIds(String[] roleIds) {
		this.roleIds = roleIds;
	}
	public String[] getRoleIds() {
		return roleIds;
	}
	
	
	public String save(){
		userService.save(model,roleIds);
		return "list";
	}
	
	public String findAll(){
		List<User> list = userService.findAll();
		String[] excludes = new String[]{"roles","noticebills"};
		this.writeList2Json(list, excludes);
		return NONE;
	}
	
	public String findUser() throws IOException{
		String f = "1";
		User user = userService.findUser(model);
		if(user != null){
			
		}else{
			f="0";
		}
		 ServletActionContext.getResponse().getWriter().write(f);
		return NONE;
	}
	
}
